How to add super user via code


(sushilbajimaya) #1

Hi
I want to implement Piwik inside my PHP application. And if someone logs into his/her profile, s/he should also be automatically logged into Piwik and the stats should be available. That's my general requirement.

To do this, I created an API for user login. It is as follows:


class Piwik_Login_API
{
    static private $instance = null;

    // Singleton accessor, as used by the other Piwik API classes.
    static public function getInstance()
    {
        if (self::$instance == null)
        {
            $c = __CLASS__;
            self::$instance = new $c();
        }
        return self::$instance;
    }

    // Log a regular user in; returns the token_auth on success, false on failure.
    public function logme($userLogin, $md5Password)
    {
        $login = $userLogin;
        $password = $md5Password;

        // Only the length of the hash is checked here.
        if(strlen($password) != 32)
        {
            throw new Exception("The password parameter is expected to be a MD5 hash of the password.");
        }

        // The super user from the config file is refused on this path.
        if($login == Zend_Registry::get('config')->superuser->login)
        {
            throw new Exception("The Super User cannot be authenticated using this URL.");
        }

        //$objLogin = get
        $authenticated = $this->authenticate($login, $password);
        if($authenticated === false)
        {
            return false; //echo Piwik_Translate('Login_LoginPasswordNotCorrect');
        }
        return $authenticated;
    }

    // Authenticate, set the login cookie and return the token_auth (false on failure).
    protected function authenticate($login, $md5Password)
    {
        $tokenAuth = Piwik_UsersManager_API::getInstance()->getTokenAuth($login, $md5Password);

        $auth = Zend_Registry::get('auth');
        $auth->setLogin($login);
        $auth->setTokenAuth($tokenAuth);

        $authResult = $auth->authenticate();
        if(!$authResult->isValid())
        {
            return false; //return Piwik_Translate('Login_LoginPasswordNotCorrect');
        }

        // Store login and token_auth in the Piwik login cookie.
        $authCookieName = Zend_Registry::get('config')->General->login_cookie_name;
        $authCookieExpiry = time() + Zend_Registry::get('config')->General->login_cookie_expire;
        $authCookiePath = Zend_Registry::get('config')->General->login_cookie_path;
        $cookie = new Piwik_Cookie($authCookieName, $authCookieExpiry, $authCookiePath);
        $cookie->set('login', $login);
        $cookie->set('token_auth', $authResult->getTokenAuth());
        $cookie->save();

        // Issue a fresh session id after a successful login.
        Zend_Session::regenerateId();

        return $authResult->getTokenAuth();

        //Piwik_Url::redirectToUrl($urlToRedirect);
    }
}

I copied a few functions from the controller and made the API based upon them and tweaked them a little bit to suit my requirement.

So, I wrote code to call this login method and automatically log in the user. The code is as follows:

    
    $request = new Piwik_API_Request('method=Login.logme
            &userLogin=sushil
            &md5Password='.md5('romangod'));
    $token = $request->process();
    
    
    if($token !== false)
    {
        $request = new Piwik_API_Request('method=SitesManager.addSite 
                &siteName=JehanGallery
                &urls=sirius/jehangallery/site/
                &token_auth='.$token);
        $result = $request->process();
        
        var_dump($result);
    }

I have already initialized Piwik in my application, so it should not be a major concern.

This page always gives the following error:


<result> 
	<error message="You can't access this resource as it requires a 'superuser' access." /> 
</result>


I found something in this post: forum.piwik.org/index.php?showtopic=7981

I did what is explained there but it didn’t help either.

I have manually added the user ‘sushil’ as superuser.

Can anybody please help me with this? If I pass this step, then I think I can easily integrate Piwik into my application.

Thanks in advance for the help.


(Matthieu Aubry) #2

In the API request string, you must put the token_auth parameter (to authenticate API and widgets), not md5Password (only used for the API to create/update users). See examples: http://dev.piwik.org/trac/wiki/API/Reference


(sushilbajimaya) #3

Thanks for the reply. But, if you check my code closely, the function logme in Login_API, it returns the token when the login is successful. I have passed the same token with the second API request. But still, it doesn’t work.

Do you have any other solution? Thanks in advance.

Regards,
Sushil


(sushilbajimaya) #4

Seems like nobody is interested in replying to my post. Well, I found a solution myself for that.

I suppose we cannot create a super user at all. Even if we give super user permission to a particular user, it is not identified by the system as the super user. The system identifies the user defined in the config file as the super user only (it is defined in the code somewhere).

So, the workaround for this solution is to add the token of the admin super user while creating a site or a user using the API.

The APIs return values in XML format. So, to check the return value of the API, I have used SimpleXML. At some places, I have manually stripped the return var using substr.
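
The XML check described in the last post, as an added example that is not part of the original thread: it parses a Piwik API response with SimpleXML instead of substr and separates the `<error message="...">` case from a successful value. The function name and the success and malformed samples are constructed for illustration (PHP 7 or later assumed); the denied response is the one quoted in the first post.

```php
<?php
// Added example, not code from the thread. parsePiwikXmlResult() is a
// hypothetical helper name; the sample responses below are embedded inline.

/**
 * Parse a Piwik API XML response.
 * Returns ['ok' => bool, 'value' => ?string, 'error' => ?string].
 */
function parsePiwikXmlResult(string $xml): array
{
    // Collect parse errors quietly and forbid network fetches while parsing.
    $previous = libxml_use_internal_errors(true);
    $doc = simplexml_load_string($xml, 'SimpleXMLElement', LIBXML_NONET);
    libxml_clear_errors();
    libxml_use_internal_errors($previous);

    if ($doc === false) {
        return ['ok' => false, 'value' => null, 'error' => 'Response is not well-formed XML'];
    }
    if ($doc->getName() !== 'result') {
        return ['ok' => false, 'value' => null, 'error' => 'Unexpected root element: ' . $doc->getName()];
    }
    // Failures arrive as <result><error message="..." /></result>.
    if (isset($doc->error)) {
        return ['ok' => false, 'value' => null, 'error' => (string) $doc->error['message']];
    }
    // Scalar results (assumed here: the new site id) are the text of <result>.
    return ['ok' => true, 'value' => trim((string) $doc), 'error' => null];
}

$samples = [
    // Response quoted in the first post.
    'denied'  => "<result>\n\t<error message=\"You can't access this resource as it requires a 'superuser' access.\" />\n</result>",
    // Constructed sample: assumed shape of a successful scalar result.
    'created' => '<result>3</result>',
    // Constructed sample: truncated response.
    'broken'  => '<result><error message="x"',
];

foreach ($samples as $name => $xml) {
    $r = parsePiwikXmlResult($xml);
    echo $name, ': ', $r['ok'] ? 'ok, value=' . $r['value'] : 'failed, ' . $r['error'], PHP_EOL;
}
```

Because the workaround puts the super user's token_auth into every such request, keep that token in server-side configuration and never echo it into pages sent to the browser.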